Adobe ActionScript SecurityErrorEvent Security Bypass Vulnerability

Adobe ActionScript is prone to a security-bypass vulnerability because the application allows Flash movies compiled by ActionScript to connect to arbitrary TCP ports on a host running a vulnerable version of Flash.

Successfully exploiting this issue allows an attacker to bypass the application's sandbox security model and scan other hosts that are connected to the computer running the vulnerable application.


 

Privacy Statement
Copyright 2010, SecurityFocus